Reply to: USB key and virus 2016-09-08T13:18:13+00:00
g3n-h@ckm@n
Admin bbPress
Post count: 8426

re

uninstall avast5 with this:

http://www.avast.com/fr-fr/uninstall-utility

then install the latest version of avast free antivirus:

http://www.avast.com/fr-fr/download-software

=====================

uninstall all java
uninstall yahoo toolbar

====================

WARNING !!! : Script customized for this machine only, do not reproduce !!

if you have XP => double-click
if you have Vista or Windows 7 => right-click, "Run as…."

on OTL.exe to launch it.

Copy the list shown in bold below,

paste it into the area under "Personnalisation":


:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe

:OTL
DRV - File not found [Kernel | System | Stopped] -- -- (mailKmd)
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found
O4 - HKLM..\Run: [Acer Tour] File not found
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKU\S-1-5-21-1970715518-3701620582-3212229884-1000..\Run: [Acer Tour Reminder] File not found
O4 - Startup: C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.45.2)
[2008/09/05 20:49:39 | 014,265,305 | ---- | C] (Macrovision Corporation) -- C:\Users\corinne\installation_pfnfr1000003.exe
[2008/08/12 17:10:58 | 000,135,168 | ---- | C] (Pierre Schweitzer (aka Heis Spiter)) -- C:\Users\corinne\pf-plug.exe
[2007/06/20 17:49:29 | 021,736,784 | ---- | C] (DivX, Inc.) -- C:\Users\corinne\DivXInstaller.exe
[2008/08/31 14:43:24 | 000,000,000 | ---D | M] -- C:\444921cd15bfc8938f572cfc37
[2008/06/15 19:37:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Spybot - Search & Destroy
[2007/10/04 19:57:44 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{3248F0A8-6813-11D6-A77B-00B0D0160030}
[2008/06/15 19:33:23 | 000,003,552 | ---- | M] () -- C:\Windows\system32\Tasks\spybot

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\Run]
"QuickTime Task"=-
[-HKEY_CURRENT_USER\Software\LdShih]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{60FEC8BC-6D32-402B-8CBA-3DBEF0E0D4D2}C:\users\corinne\appdata\roaming\cacaoweb\cacaoweb.exe"=-
"UDP Query User{0B7DF3AB-771C-4E60-B669-947F00CAA711}C:\users\corinne\appdata\roaming\cacaoweb\cacaoweb.exe"=-

:Files
C:\Windows\Temp\*

:commands
[emptytemp]

Click "Correction" to start the removal.

Post the report, which should open by itself at the end of the job, after the restart.